Google Cloud Services basics

Hi, so I was one of the Google Cloud Facilitators for this year. This blog contains a list of all the cloud services offered by Google which were covered in the Cloud Engineering Track.

Virtual Machine:

A virtual machine can be simply defined as a computer created within a computer, which can run a different OS. A virtual machine can’t tamper with or interfere with the host computer itself, but it is an excellent way to run an ideal environment for programs.

Compute Engine lets you create virtual machines that run different operating systems, including multiple flavours of Linux and Windows Server.

Certain Compute Engine resources live in regions or zones. A region is a specific geographical location where you can run your resources. Each region has one or more zones. For example,

To check the default region and zone, run these commands in Cloud Shell:

gcloud config get-value compute/zone
gcloud config get-value compute/region

Resources that live in a zone are referred to as zonal resources. Virtual machine instances and persistent disks live in a zone. To attach a persistent disk to a virtual machine instance, both resources must be in the same zone. Similarly, if you want to assign a static IP address to an instance, the instance must be in the same region as the static IP.

You can create a virtual machine from the Cloud Console or from Cloud Shell.

For more information,

  1. https://cloud.google.com/compute/docs/instances/

Virtual Private Cloud (VPC):

A Virtual Private Cloud (VPC) network is a virtual version of a physical network. Every instance in a VPC network has a default network interface. You can create additional network interfaces attached to your VMs.

Multiple network interfaces enable you to create configurations in which an instance connects directly to several VPC networks (up to 8 interfaces, depending on the instance’s type).

You can create a VM instance with multiple network interfaces, and explore network interface details and connectivity.

You can configure custom firewall rules and explore the network and security admin roles.

For more information,

  1. https://cloud.google.com/vpc/docs/vpc

Network and Load Balancing:

2.1. Multiple web server instances

To simulate serving from a cluster of machines, create a simple cluster of Nginx web servers to serve static content using,

1. Instance templates:

An instance template is a resource that you can use to create Virtual Machine (VM) instances and managed instance groups (MIGs).

Instance templates define the machine type, boot disk image or container image, labels, and other instance properties. Use instance templates any time you want to quickly create VM instances based off of a preexisting configuration.

2. Managed instance groups:

Managed instance groups let you operate apps on multiple identical VMs. You can make your workloads scalable and highly available by taking advantage of automated MIG services, including auto-scaling, auto-healing, regional (multiple zones) deployment, and automatic updating.

Managed instance groups (MIGs) are suitable for scenarios like these:

  1. Stateless serving workloads, such as a website front end
  2. Stateless batch, high-performance, or high-throughput compute workloads, such as image processing from a queue
  3. Stateful applications, such as databases, legacy applications, and long-running batch computations with checkpointing

Each managed instance in a MIG is created from an instance template.

To create the Nginx web server cluster, follow these steps:

  1. Create a startup script to be used by every virtual machine instance to set up the Nginx server.
  2. Create an instance template that uses the startup script.
  3. Create a target pool, which allows a single access point to all the instances in a group and is necessary for load balancing.
  4. Create a managed instance group.
  5. Check whether the Compute Engine instances have been created.
  6. Configure your firewall rules to allow TCP traffic over port 80.

2.2. Network Load balancer:

Network load balancing allows you to balance the load of your systems based on incoming IP data, such as address, port, and protocol type.

You also get some options that are not available with HTTP(S) load balancing. For example, you can load balance additional TCP/UDP based protocols, such as SMTP traffic.

2.2.1. HTTP(S) load balancing in depth:

HTTP(S) load balancing provides global load balancing for HTTP(S) requests directed to your instances. You can configure URL rules to route some URLs to one set of instances and route other URLs to other instances.

Requests are always routed to the instance group that is closest to the user, if that group has enough capacity and is appropriate for the request. If the closest group does not have enough capacity, the request is sent to the closest group that does have capacity.

A forwarding rule sends traffic to a specific target HTTP or HTTPS proxy depending on the IP address, IP protocol, and port specified. The global forwarding rule does not support multiple ports.

For more information,

  1. https://cloud.google.com/load-balancing/docs/load-balancing-overview#a_closer_look_at_cloud_load_balancers
  2. https://cloud.google.com/compute/docs/load-balancing/network/

Cloud Storage:

Cloud Storage allows world-wide storage and retrieval of any amount of data at any time. You can use Cloud Storage for a range of scenarios including serving website content, storing data for archival and disaster recovery, or distributing large data objects to users via direct download.

You can create and delete folders and upload items into these folders. You can also share an object publicly.

Cloud IAM:

Google Cloud’s Identity and Access Management (IAM) service lets you create and manage permissions for Google Cloud resources. Cloud IAM unifies access control for Google Cloud services into a single system and provides a consistent set of operations.

You can add roles to users and restrict their use of cloud resources, for example by giving read permission to all and write permission to certain users.
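An added example, not part of the original post: a check that an exported IAM policy really follows the "read for all, write for certain users" pattern described above, which also covers objects shared publicly from Cloud Storage. The sample policy, the `READ_ONLY_ROLES` allow-list, the user names and the function name are constructed for illustration; any role not on the allow-list is treated as write-capable.

```python
import json

# Constructed sample, shaped like the JSON printed by `gsutil iam get gs://BUCKET`.
SAMPLE_POLICY = json.loads("""{
  "bindings": [
    {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
    {"role": "roles/storage.objectAdmin",
     "members": ["user:alice@example.com", "allAuthenticatedUsers"]},
    {"role": "roles/editor", "members": ["user:bob@example.com"]}
  ]
}""")

# Principals that mean "anyone on the internet" / "anyone with a Google account".
PUBLIC = {"allUsers", "allAuthenticatedUsers"}

# Assumption for this example: only these roles count as read-only;
# every other role is handled as if it could modify resources.
READ_ONLY_ROLES = {"roles/viewer", "roles/storage.objectViewer"}


def audit_policy(policy, approved_writers):
    """Sort bindings into public reads, public writes and unapproved writers."""
    report = {"public_read": [], "public_write": [], "unapproved_writers": []}
    for binding in policy.get("bindings", []):
        role = binding["role"]
        read_only = role in READ_ONLY_ROLES
        for member in binding.get("members", []):
            if member in PUBLIC:
                # Public read may be intended; public write never matches the pattern.
                key = "public_read" if read_only else "public_write"
                report[key].append((member, role))
            elif not read_only and member not in approved_writers:
                report["unapproved_writers"].append((member, role))
    return report


if __name__ == "__main__":
    result = audit_policy(SAMPLE_POLICY, {"user:alice@example.com"})
    for category, entries in result.items():
        for member, role in entries:
            print(f"{category}: {member} holds {role}")
```
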

For more information,

  1. https://cloud.google.com/iam/docs/understanding-roles#primitive_roles

Cloud Monitoring:

Cloud Monitoring provides visibility into the performance, uptime, and overall health of cloud-powered applications.

Cloud Monitoring collects metrics, events, and metadata from Google Cloud, Amazon Web Services, hosted uptime probes, application instrumentation, and a variety of common application components including Cassandra, Nginx, Apache Web Server, Elasticsearch, and many others.

Cloud Monitoring ingests that data and generates insights via dashboards, charts, and alerts. Cloud Monitoring alerting helps you collaborate by integrating with Slack, PagerDuty, HipChat, Campfire, and more.

1. Install the monitoring and logging agents:

Agents collect data and then send or stream info to Cloud Monitoring in the Cloud Console.

The Cloud Monitoring agent is a collectd-based daemon that gathers system and application metrics from virtual machine instances and sends them to Monitoring. By default, the Monitoring agent collects disk, CPU, network, and process metrics.

(In multitasking computer operating systems, a daemon is a computer program that runs as a background process, rather than being under the direct control of an interactive user.)

Install agents on a VM:

1. Run the Monitoring agent install script command in the SSH terminal of your VM instance to install the Cloud Monitoring agent.

curl -sSO https://dl.google.com/cloudagents/add-monitoring-agent-repo.sh
sudo bash add-monitoring-agent-repo.sh

sudo apt-get update

sudo apt-get install stackdriver-agent

2. Run the Logging agent install script command in the SSH terminal of your VM instance to install the Cloud Logging agent.

curl -sSO https://dl.google.com/cloudagents/add-logging-agent-repo.sh
sudo bash add-logging-agent-repo.sh

sudo apt-get update

sudo apt-get install google-fluentd

For more information,

  1. https://cloud.google.com/monitoring/agent

2. Create an uptime check:

Uptime checks verify that a resource is always accessible. For example, create an uptime check to verify your VM is up.

3. Create an alerting policy:

Use Cloud Monitoring to create one or more alerting policies. Alerting gives timely awareness of problems in your cloud applications so you can resolve the problems quickly.

To create an alerting policy, you must describe the circumstances under which you want to be alerted and how you want to be notified.

For more information,

  1. https://cloud.google.com/monitoring/alerts/

Cloud Functions:

Cloud Functions is a serverless execution environment for building and connecting cloud services. With Cloud Functions you write simple, single-purpose functions that are attached to events emitted from your cloud infrastructure and services.

Your Cloud Function is triggered when an event being watched is fired. Your code executes in a fully managed environment. There is no need to provision any infrastructure or worry about managing any servers.

Cloud Functions are written in JavaScript and execute in a Node.js environment on Google Cloud. You can take your Cloud Function and run it in any standard Node.js runtime, which makes both portability and local testing a breeze.

Cloud Functions provides a connective layer of logic that lets you write code to connect and extend cloud services.

1. Events and Triggers:

Cloud events are things that happen in your cloud environment. These might be things like changes to data in a database, files added to a storage system, or a new virtual machine instance being created.

Events occur whether or not you choose to respond to them. You create a response to an event with a trigger. A trigger is a declaration that you are interested in a certain event or set of events. Binding a function to a trigger allows you to capture and act on events.

For more information,

  1. https://cloud.google.com/functions/docs/concepts/events-triggers

2. Serverless:

Cloud Functions removes the work of managing servers, configuring software, updating frameworks, and patching operating systems. The software and infrastructure are fully managed by Google so that you just add code. Furthermore, provisioning of resources happens automatically in response to events. This means that a function can scale from a few invocations a day to many millions of invocations without any work from you.

For more information,

  1. https://cloud.google.com/serverless/

Use cases:

The fine-grained, on-demand nature of Cloud Functions also makes it a perfect candidate for lightweight APIs and web-hooks.

Pub/Sub:

Google Cloud Pub/Sub is a messaging service for exchanging event data among applications and services. A producer of data publishes messages to a Cloud Pub/Sub topic. A consumer creates a subscription to that topic. Subscribers either pull messages from a subscription or are configured as web-hooks for push subscriptions. Every subscriber must acknowledge each message within a configurable window of time.

With Pub/Sub you can:

  1. Set up a topic to hold data.
  2. Subscribe to a topic to access the data.
  3. Publish and then consume messages with a pull subscriber.
  4. View the message.

For more information,

  1. https://developers.google.com/pubsub/overview

Firewall Rules:

You can create custom firewall rules with custom tags.

The default-allow-internal firewall rule allows traffic on all protocols/ports within the default network. You want to create a firewall rule to allow traffic from outside this network to only the blue server, by using the network tag web-server.

Make sure to include the /0 in the Source IP ranges to specify all networks.
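An added example, not part of the original post: a small audit of exported firewall rules that flags ingress rules open to all networks (a /0 source range) which lack a target tag or expose more than web ports. Apart from the names `default-allow-internal` and `web-server` taken from the text, the sample rules, the `WEB_PORTS` allow-list and the function names are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample, shaped like `gcloud compute firewall-rules list --format=json`.
SAMPLE_RULES = json.loads("""[
 {"name": "default-allow-internal", "direction": "INGRESS",
  "sourceRanges": ["10.128.0.0/9"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["0-65535"]}, {"IPProtocol": "icmp"}]},
 {"name": "allow-http-web-server", "direction": "INGRESS",
  "sourceRanges": ["0.0.0.0/0"], "targetTags": ["web-server"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["80"]}]},
 {"name": "allow-http-untagged", "direction": "INGRESS",
  "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["80"]}]},
 {"name": "allow-all-tcp-tagged", "direction": "INGRESS",
  "sourceRanges": ["0.0.0.0/0"], "targetTags": ["web-server"],
  "allowed": [{"IPProtocol": "tcp"}]}
]""")

WEB_PORTS = {"80", "443"}  # assumption: the only TCP ports meant to face the internet


def open_to_any_source(rule):
    """True if any source range has prefix length 0 (0.0.0.0/0 or ::/0)."""
    return any(ipaddress.ip_network(r, strict=False).prefixlen == 0
               for r in rule.get("sourceRanges", []))


def audit(rules):
    """Return (rule name, problem) pairs for ingress rules open to all networks."""
    findings = []
    for rule in rules:
        if rule.get("direction", "INGRESS") != "INGRESS" or rule.get("disabled"):
            continue
        if not open_to_any_source(rule):
            continue  # internal-only rules such as default-allow-internal
        name = rule["name"]
        if not (rule.get("targetTags") or rule.get("targetServiceAccounts")):
            findings.append((name, "no target tag: applies to every instance"))
        for entry in rule.get("allowed", []):
            proto, ports = entry["IPProtocol"], entry.get("ports")
            if not ports:
                findings.append((name, f"{proto}: no port restriction"))
                continue
            allowed = WEB_PORTS if proto == "tcp" else set()
            extra = sorted(set(ports) - allowed)
            if extra:
                findings.append((name, f"{proto} ports outside web set: {extra}"))
    return findings
```

Calling `audit(SAMPLE_RULES)` passes the tagged port-80 rule and the internal rule, and reports the untagged rule and the rule with no port list.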
